mailing list archives
Re: Removing ping/icmp from a network
From: krymson () gmail com
Date: 2 Apr 2008 16:02:43 -0000
ICMP can be used as a covert channel as well. A bit exotic, but increasingly within the realm of possibility depending
on how secure you need to be.
I do believe there still exists the case of attacking TCP connections using ICMP as well. Google the tool icmp-reset.
<- snip ->
As a matter of interest, does anyone know of an ICMP exploits besides
DoS? If there are none, then the whole problem is moot. As I
understand it ICMP is an integral part of the TCP stack and as such
the code will be there whether you block ICMP or not, so short of
having a buggy TCP stack it shouldn't increase exposure much if at
Well, Ping of Death comes to mind, but that issue has been fixed ages